I dont know but some suspicious i already had. My electricity power bill enraised a little bit, so i disable the power supply on my desktop.
If is disable, only mobo battery is on, which is highly impossible to have some ... transfer.

We living on Business world.
Multi-national business can not paying Higher taxs in US, Europe, Asia or other if will serve some purpose at backend from disguised defense department. Yes its a disguise. Unlike you pay 30 billions per year, you only pay 2 billions.

I'm a little confused ....
Are you thinking that the increase in electricity usage might be due to IME running on your system ?

I can assure you that if IME is getting " chatty " there will be no outward indication whatsoever .
There would be no visible increase in cpu or RAM usage , and even intensive network analysis is unlikely to pick it up .
Reliable info on this is scarce right now .... I had some links ; I'll post them later if I can find them .

It's so darned hard to find any kind of hardware one can trust any longer. This sort of thing has just killed the crap out of any sort of "fun" I can derive from technology.

I'm not a Luddite, but this (and many other) sort of crap makes me want to completely walk away from modern technology. Computers, smart phones, just straight-up cell phones, TVs, etc., are all so commercial and profit and bottom-line driven, and what with the various movers and shakers out there having turned the U.S. Government (and other governments) into their pitbulls to enforce what should be company policies, that I just can't stand it.

Everything is in hand. With this tapestry... and with patience, there is nothing one cannot achieve.

Intel ME/AMT/vPro and AMD PSP have been mostly shipped with high-end Business PCs/servers, ie for the businesses to remotely manage their computers/servers at the BIOS level, eg to remotely reinstall the OS, even when the computers/servers have been switched off but still connected to the AC wall outlet.
... So, to avoid them, buy low to mid-end PCs or ARM-based devices.

The Dark side has taken over the tech industry, eg LM 18's and Win 10's Dark theme.? "Resistance is futile".

Portreve wrote:
It's so darned hard to find any kind of hardware one can trust any longer. This sort of thing has just killed the crap out of any sort of "fun" I can derive from technology.

I hear you. I built my own desktop to make it more linux friendlly/secure but there's still nonsense like that. And since I used an intel processor (to avoid some of the compatibility proprietary driver stuff), I'm no doubt affected by the latest security hole caused by this in intel that they just announced.

Portreve wrote:
It's so darned hard to find any kind of hardware one can trust any longer. This sort of thing has just killed the crap out of any sort of "fun" I can derive from technology.

I hear you. I built my own desktop to make it more linux friendlly/secure but there's still nonsense like that. And since I used an intel processor (to avoid some of the compatibility proprietary driver stuff), I'm no doubt affected by the latest security hole caused by this in intel that they just announced.

1) go to the page listed above, choose the Linux download, download & upack
2) open your terminal, change to the directory that has the unpacked .py files
3) at the command line: sudo ./intel_sa00086.py – put in your password when asked, and it lets you know in a second.

BTW - Well done Intel for getting out a utility fast, and considering Linux users

That’s right. A web server. Your CPU has a secret web server that you are not allowed to access, and, apparently, Intel does not want you to know about.

I remember when I installed VisualStudio on my Windows computer in 2005 or thereabouts, and a web server (IIS) was included. It was in the inetpub folder on the root of the C: drive. The number of security patches from Microsoft increased by 30%-40% easily. They were patching that piece of junk IIS so often and most were critical updates. I disabled the services associated with it so it wouldn't run at boot. One update turned the service back on. I removed VisualStudio and installed VB6. I don't code anymore but I remember the IIS fiasco well. Gibson Research has a long history of finding IIS security problems.

And now Intel has included a non-user serviceable web server on it's CPUs. I guess those that don't learn from history are condemned to repeat it -- at our expense.

This thread needs to be renamed to "BIOS with IME has a severe security flaw".

I have a couple laptops that are vulnerable according to the Intel python script, can't be shutoff in BIOS and no BIOS updates available anymore. Is there something Ubuntu/Mint can do to mitigate the risk at least some?

earthlingkc wrote:This thread needs to be renamed to "BIOS with IME has a severe security flaw".

I have a couple laptops that are vulnerable according to the Intel python script, can't be shutoff in BIOS and no BIOS updates available anymore. Is there something Ubuntu/Mint can do to mitigate the risk at least some?

earthlingkc wrote:This thread needs to be renamed to "BIOS with IME has a severe security flaw".

I have a couple laptops that are vulnerable according to the Intel python script, can't be shutoff in BIOS and no BIOS updates available anymore. Is there something Ubuntu/Mint can do to mitigate the risk at least some?

Both end-to-end computers have to be configured for Intel AMT/ME/vPro before an IT Admin is able to remotely manage an off-site computer, even if it has been switched off, on condition it is still connected to the AC wall outlet and router.
... So, it is only such already-configured computers which are vulnerable to the bug and needs to be patched asap. Computers that are not configured for Intel AMT/ME or has it disabled are likely not vulnerable to the bug.

You can disable Intel ME/AMT at the BIOS -1 Level by pressing Ctl+P during startup. This will take you to the Intel MEBx setup.

The duo say they found a locally exploitable stack buffer overflow that allows the execution of unsigned code on any device with Intel ME 11, even if the device is turned off or protected by security software.

They describe the problem and some potential solutions. If you like all things linux and enjoy tech, I highly recommend subscribing to lwn.

The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. They run at a higher privilege level than Linux and can manipulate both the hardware and the operating system in various ways. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

He used to give a talk with the title: "If you trust your computer, you're crazy", due to all of that proprietary code running on our systems. He hopes that this talk will give folks ways to deal with some of those problems, "so we can stop being crazy and maybe get a little sane".

They describe the problem and some potential solutions. If you like all things linux and enjoy tech, I highly recommend subscribing to lwn.

The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. They run at a higher privilege level than Linux and can manipulate both the hardware and the operating system in various ways. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

He used to give a talk with the title: "If you trust your computer, you're crazy", due to all of that proprietary code running on our systems. He hopes that this talk will give folks ways to deal with some of those problems, "so we can stop being crazy and maybe get a little sane".